SEUNSHARE(8) User Commands SEUNSHARE(8)NAME
seunshare - Run cmd with alternate homedir, tmpdir and/or SELinux context
SYNOPSIS
seunshare [ -v ] [ -c ] [ -C ] [ -k ] [ -t tmpdir ] [ -h homedir ] [ -Z context ] -- executable [args]
DESCRIPTION
Run the executable within the specified context, using the alternate home directory and /tmp directory. The seunshare command unshares
from the default namespace, then mounts the specified homedir and tmpdir over the default homedir and /tmp. Finally it tells the kernel to
execute the application under the specified SELinux context.
-h homedir
Alternate homedir to be used by the application. Homedir must be owned by the user.
-t tmpdir
Use alternate tempory directory to mount on /tmp. tmpdir must be owned by the user.
-c --cgroups
Use cgroups to control this copy of seunshare. Specify parameters in /etc/sysconfig/sandbox. Max memory usage and cpu usage are to
be specified in percent. You can specify which CPUs to use by numbering them 0,1,2... etc.
-C --capabilities
Allow apps executed within the namespace to use capabilities. Default is no capabilities.
-k --kill
Kill all processes with matching MCS level.
-Z context
Use alternate SELinux context while runing the executable.
-v Verbose output
SEE ALSO runcon(1), sandbox(8), selinux(8)AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com> and Thomas Liu <tliu@fedoraproject.org>
seunshare May 2010 SEUNSHARE(8)
Check Out this Related Man Page
matchpathcon(8) SELinux Command Line documentation matchpathcon(8)NAME
matchpathcon - get the default SELinux security context for the specified path from the file contexts configuration.
SYNOPSIS
matchpathcon [-V] [-N] [-n] [-f file_contexts_file ] [-p prefix ] filepath...
DESCRIPTION
matchpathcon queries the system policy and outputs the default security context associated with the filepath.
Note: Identical paths can have different security contexts, depending on the file type. (regular file, directory, link file, char file ...)
matchpathcon will also take the file type into consideration in determining the default security context if the file exists. If the file
does not exist, no file type matching will occur.
OPTIONS -n Do not display path.
-N Do not use translations.
-f file_context_file Use alternate file_context file
-p prefix Use prefix to speed translations
-V Verify file context on disk matches defaults
AUTHOR
This manual page was written by Dan Walsh <dwalsh@redhat.com>.
SEE ALSO selinux(8), matchpathcon(3),
dwalsh@redhat.com 21 April 2005 matchpathcon(8)
Hi,
We're stuck after the Unix admin left without prior notice.
We have a web application running on mySQL.
it seems that the \tmpdir for mySQL is mount to
var\tmp directory which has only 60 MB of available disk space
running any big query fails due to the size limitation
I don't have... (13 Replies)
Hi,
I have an issue that i have never come across before. I have 1 user on a server who cannot login. When they connect using Putty and put in the login id and password the session is terminated. It is as if they had /usr/bin/false in /etc/passwd but they dont. This is the password entry;
... (9 Replies)
I need to capture the homedir using the ssh command and then saving it to a variable.
The results from the following command is what I need to capture to a variable:
NOTE: the value I'm getting back is also incorrect. as it seems to be getting the home dir from the local server and not the... (2 Replies)
Hi guys,
I have a problem in unix shell script for abinitio.
if i'm using air sandbox parameters command to set the parameter
ABC_FILE_MASK to this value ^abc_rules_.csv$ , it is throwing error.
Some one please help me find a solution. (1 Reply)
Trying to execute commands for different Unix user with that user's environment variable context without fully switching as that user using sudo && su capabilities.
Hoping this would help with security and not having to waste time switching between 10 different app users on same server.
I do... (6 Replies)
what’s going on these commands
(/tmpdir %) ls
Foo
(tmpdir % )cat foo
Cat:foo! No such file or directory
any help me out
i checked with permission...even though it is not working (1 Reply)